Feature #5668: eve: optionally add rule fast_pattern - Suricata - Open Information Security Foundation

Actions

Feature #5668

open

eve: optionally add rule fast_pattern

Added by Philippe Antoine over 1 year ago. Updated over 1 year ago.

Status:

New

Priority:

Normal

Assignee:

Target version:

Effort:

Difficulty:

Label:

Description

like a configurable metadata...

Related issues 1 (1 open — 0 closed)

Actions

#1

Updated by Philippe Antoine over 1 year ago

Related to Task #5488: Suricon 2022 brainstorm added

Actions

#2

Updated by Victor Julien over 1 year ago

Subject changed from Output fast_pattern used by rule in eve.json to eve: optionally add rule fast_pattern

I can see how this is a convenience, but I also think this is trivial to get from the --engine-analysis's rules.json currently. Yes it requires a bit of post-processing, but nothing to complex.

Actions

Also available in: Atom PDF